Tuesday, December 16, 2008

Firewalls and how to use them to protect your online activity

Firewalls help protect online activity by securing network access from a computer or by inserting a protective layer between two networks. Firewalls can be either software or hardware, and they work by permitting, or passing through, pre-authorized communications as determined by the owner or operator of the system being protected.

Firewalls are deployed in one of three ways.

First, all communications between an internal network and an external network, such as the Internet, can be passed through the firewall. In this arrangement, the firewall is the only path that communications can take, so it is well placed to prevent unauthorized access and to stop communications that are indicative of viruses, spyware, and other malicious software that calls home from an infected system.

Second, a firewall can be configured as a dual-homed host on a dedicated computer. In this case, the host firewall computer will perform the necessary translations to pass through authorized communications and protocols. The external and internal networks are thus separated and remain unseen from each other.

Third, a firewall can be configured as a screened subnet, meaning that only authorized access and communications are permitted to take place on specified network nodes by protecting their network addresses.

As stated before, a firewall can be either software or hardware, and the most common version is software. Free versions, including trial versions, exist for many popular software models. After the software version is installed, the firewall must be activated and running before it can be trained on which communications are permitted and which are prohibited. Much of this is intuitive, and the firewall remembers the last settings chosen for particular communications and protocols.

In the hardware version, a "box" is installed between the external network (Internet or other type) and the internal network it is protecting. Authorized communications, protocols, and communications ports are set by connecting to the box with a maintenance or root access account from a protected computer.

The interfaces for both the software and hardware versions are intuitive and simple to click through and operate. The majority of the work is actually installing and running the program, with less work involved in choosing whether to authorize new communications events. As these are learned by the program over time, the authorizations become less frequent.
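The training behaviour described above (deny by default, ask once about each new kind of traffic, remember the answer) can be modelled in a few lines. This is an added example, not part of the original post or any vendor's code; the class, field names, program names and sample traffic are all assumptions constructed for illustration.

```python
from collections import namedtuple

# One connection attempt; the field names are assumptions made for this example.
Conn = namedtuple("Conn", "program direction protocol port")

class LearningFirewall:
    def __init__(self, ask):
        self.ask = ask      # stands in for the allow/block pop-up shown to the user
        self.rules = {}     # remembered decisions: Conn -> True (permit) / False (block)
        self.prompts = 0    # how many times the user had to be asked

    def decide(self, conn):
        """Return True if the connection passes. Unknown traffic triggers one prompt."""
        if conn not in self.rules:
            self.prompts += 1
            self.rules[conn] = bool(self.ask(conn))
        return self.rules[conn]

    def permitted_outbound(self):
        """Remembered 'permit' rules for outbound traffic, for periodic review."""
        return sorted(c for c, ok in self.rules.items() if ok and c.direction == "out")

def prompts_per_batch(fw, batches):
    """Feed batches of traffic through the firewall; return new prompts per batch."""
    counts = []
    for batch in batches:
        before = fw.prompts
        for conn in batch:
            fw.decide(conn)
        counts.append(fw.prompts - before)
    return counts

# Constructed sample: the user approves two known programs and blocks everything else.
APPROVED = {"browser.exe", "mail.exe"}

def user_choice(conn):
    return conn.program in APPROVED and conn.direction == "out"

WEB = Conn("browser.exe", "out", "tcp", 443)
MAIL = Conn("mail.exe", "out", "tcp", 993)
ODD = Conn("updater32.exe", "out", "tcp", 6667)   # unrecognised program calling out
DAYS = [[WEB, MAIL, WEB], [WEB, ODD, MAIL], [WEB, MAIL, ODD, WEB]]

if __name__ == "__main__":
    fw = LearningFirewall(user_choice)
    print(prompts_per_batch(fw, DAYS), fw.permitted_outbound())
```

Because every answer is remembered, a single mistaken "permit" persists silently, which is why the remembered outbound rules are worth reviewing from time to time.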

By: Raleigh Stout.
